f5a18f4685392d7d7429a90a8f1adaf26b4712842463c4f68a4e937da9528574 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-29_ffb7a22ed73aeef2ceb31fde2566dba9_cryptolocker
Size

77KB
Sample

240829-khxqnavaqm
MD5

ffb7a22ed73aeef2ceb31fde2566dba9
SHA1

24fecd6a02a5903dffe550789ee5e4c966ba7e09
SHA256

f5a18f4685392d7d7429a90a8f1adaf26b4712842463c4f68a4e937da9528574
SHA512

759a7db050a3f57432819f2beeed94a0d2a979fbb09a98b079776dc1ae130099c53d8925e80e40e068aa43773deb3caf6e02abc455364266d6e6fb1488a868f5
SSDEEP

1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1si0:X6a+SOtEvwDpjBZYvQd26

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-29_ffb7a22ed73aeef2ceb31fde2566dba9_cryptolocker
- Size
  
  77KB
- MD5
  
  ffb7a22ed73aeef2ceb31fde2566dba9
- SHA1
  
  24fecd6a02a5903dffe550789ee5e4c966ba7e09
- SHA256
  
  f5a18f4685392d7d7429a90a8f1adaf26b4712842463c4f68a4e937da9528574
- SHA512
  
  759a7db050a3f57432819f2beeed94a0d2a979fbb09a98b079776dc1ae130099c53d8925e80e40e068aa43773deb3caf6e02abc455364266d6e6fb1488a868f5
- SSDEEP
  
  1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1si0:X6a+SOtEvwDpjBZYvQd26
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2